Address Space Layout Randomization in C Compilers

2019-06-22 07:53发布

问题:

If I am not mistaken, ASLR will make the local variables in C compilers have a different address each time I run the program. But when I tried it in Turbo C++ and Dev-CPP IDE, it just returns a similar address for local variables. The code i tried:

#include <stdio.h>
#include <conio.h>

int main()
{
 int x = 10;
 int *ptr = &x;
 printf("%d", ptr);
 getch();
 return 0;
}

Before, I thought the address of the local variables are the same because it is allocated in the same stack area and thus the same memory address. But when i found a thread here in stackoverflow about ASLR, it made me did these. I guess this is because of the compilers. Can anyone shed a light on this?

Edit:

Im using Windows 7.

回答1:

It appears you are using windows.

Quoting from wikipedia

Microsoft's Windows Vista (released January 2007) and later have ASLR enabled for only those executables and dynamic link libraries specifically linked to be ASLR-enabled. For compatibility, it is not enabled by default for other applications. Typically, only older software is incompatible and ASLR can be fully enabled by editing a registry entry "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\MoveImages".

and

Host-based intrusion prevention systems such as WehnTrust and Ozone also offer ASLR for Windows XP and Windows Server 2003 operating systems. WehnTrust is open-source Complete details of Ozone's implementation is not available

Make sure you enable the ASLR to observe the expected behaviour.



回答2:

There are a few things that can influence whether your program uses ASLR or not. In most cases, your compiler/linker needs to ensure that the executable is relocatable and mark the executable as being ASLR-compatible. Then your OS needs to actually relocate it at load time.

Do your compilers support ASLR? If not, and you're using Windows (I'm guessing that you are based on the compilers that you're using), then you can try to force the OS to apply ASLR using EMET, which you can download from Microsoft.